WebAuthn API

Individual API

The WebAuthn API provides passwordless authentication using hardware keys and biometrics.

Quick Navigation

Overview
Base Path
Authentication
WebAuthn Flow
Endpoints
Internal Notes
Swagger Documentation

Overview

This module supports:

WebAuthn credential registration
WebAuthn authentication
Credential management
Passwordless login with MFA bypass

Base Path

All WebAuthn endpoints are prefixed with /api/v1/webauthn

Authentication

Registration and authentication endpoints have different requirements - see individual endpoint documentation.

WebAuthn Flow

The WebAuthn API enables passwordless authentication using hardware security keys and platform authenticators. Users can register credentials and use them for secure, passwordless login that bypasses MFA requirements.

Endpoints

Method	Endpoint	Description
POST	`/register/start`	Start WebAuthn registration
POST	`/register/complete`	Complete WebAuthn registration
POST	`/authenticate/start`	Start WebAuthn authentication
POST	`/authenticate/complete`	Complete WebAuthn authentication
GET	`/credentials`	List WebAuthn credentials
DELETE	`/credentials/{credential_id}`	Delete WebAuthn credential

Internal Notes

All endpoints are fully implemented
WebAuthn authentication bypasses MFA (passwordless is already strong)
Device trust integration for seamless experience
Supports hardware keys (YubiKey, etc.) and platform authenticators (Touch ID, Windows Hello)

Swagger Documentation

Interactive API documentation available at: /docs#/WebAuthn Passwordless Authentication

Overview​

Base Path​

Authentication​

WebAuthn Flow​

Endpoints​

Internal Notes​

Swagger Documentation​